Package name
openssl
Date
2010-04-15
Advisory ID
MDVSA-2010:076
Affected versions
MES5 i586 , MNF2.0 i586 , 2010.0 x86_64 , 2010.0 i586 , 2009.1 i586 , 2009.1 x86_64 , CS4.0 i586 , 2008.0 x86_64 , CS4.0 x86_64 , 2008.0 i586 , MES5 x86_64

Problem description

This update fixes several security issues in openssl:
- The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f
through 0.9.8m allows remote attackers to cause a denial of service
(crash) via a malformed record in a TLS connection (CVE-2010-0740)
- OpenSSL before 0.9.8m does not check for a NULL return value
from bn_wexpand function calls which has unspecified impact and
context-dependent attack vectors (CVE-2009-3245)
- The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL
before 0.9.8n, when Kerberos is enabled but Kerberos configuration
files cannot be opened, could allow remote attackers to cause a denial
of service (NULL pointer dereference and daemon crash) (CVE-2010-0433)
- Finally, this update provides support for secure renegotiation,
preventing men-in-the-middle attacks (CVE-2009-3555).

Packages for 2008.0 and 2009.0 are provided due to the Extended
Maintenance Program for those products.

Updated packages

MES5 i586

 5397afaa4dd55a61a69c7a613b4a04d0  mes5/i586/libopenssl0.9.8-0.9.8h-3.7mdvmes5.1.i586.rpm
 672b31b0932445ab920d98674b39568e  mes5/i586/libopenssl0.9.8-devel-0.9.8h-3.7mdvmes5.1.i586.rpm
 bd4315ba38456187e89a3608f9a81449  mes5/i586/libopenssl0.9.8-static-devel-0.9.8h-3.7mdvmes5.1.i586.rpm
 97c3e766752633e2dc3fb4e8808d94a2  mes5/i586/openssl-0.9.8h-3.7mdvmes5.1.i586.rpm 
 3fa202efa10e5a1758296c38d550e3c9  mes5/SRPMS/openssl-0.9.8h-3.7mdv2009.0.src.rpm

MNF2.0 i586

 dc0699f12403b68e03714fbf196c1a61  mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.13.C30mdk.i586.rpm
 300487b72c03dc789393b1d031b0f79f  mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.13.C30mdk.i586.rpm
 a7153e4b9c5b0b3710307ec9366bc7c6  mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.13.C30mdk.i586.rpm
 51f0b04c0a6ceb1008c017ff5c9e708e  mnf/2.0/i586/openssl-0.9.7c-3.13.C30mdk.i586.rpm 
 4fbf3a9a35931cc30fdda10ce7d1d911  mnf/2.0/SRPMS/openssl-0.9.7c-3.13.C30mdk.src.rpm

2010.0 x86_64

 bd1bad7a46c995dd70390db3d3f54d9b  2010.0/x86_64/lib64openssl0.9.8-0.9.8k-5.2mdv2010.0.x86_64.rpm
 c402e4d826ff811ed12e51348433043d  2010.0/x86_64/lib64openssl0.9.8-devel-0.9.8k-5.2mdv2010.0.x86_64.rpm
 11bc52f64e3149750039441e0953c1ac  2010.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8k-5.2mdv2010.0.x86_64.rpm
 a312e7b5c36582656783e287e4fbf8b2  2010.0/x86_64/openssl-0.9.8k-5.2mdv2010.0.x86_64.rpm 
 d34a969c322305ba7c2bf42c464e655b  2010.0/SRPMS/openssl-0.9.8k-5.2mdv2010.0.src.rpm

2010.0 i586

 bf40dda29eab76aed02a1d7cb0c6b7b0  2010.0/i586/libopenssl0.9.8-0.9.8k-5.2mdv2010.0.i586.rpm
 88f7e61fb1a73b6785eb7dd619b4ba26  2010.0/i586/libopenssl0.9.8-devel-0.9.8k-5.2mdv2010.0.i586.rpm
 43c3513218c3a1f9b92e6de050905511  2010.0/i586/libopenssl0.9.8-static-devel-0.9.8k-5.2mdv2010.0.i586.rpm
 a8301e1c6f5f770673e3b5aa78def152  2010.0/i586/openssl-0.9.8k-5.2mdv2010.0.i586.rpm 
 d34a969c322305ba7c2bf42c464e655b  2010.0/SRPMS/openssl-0.9.8k-5.2mdv2010.0.src.rpm

2009.1 i586

 2179a8dcd20d37f14ee8830af0b19f18  2009.1/i586/libopenssl0.9.8-0.9.8k-1.5mdv2009.1.i586.rpm
 2fa14647d3a714b59fcc96893b872d89  2009.1/i586/libopenssl0.9.8-devel-0.9.8k-1.5mdv2009.1.i586.rpm
 3456989c6989346efcf82a2ac744b860  2009.1/i586/libopenssl0.9.8-static-devel-0.9.8k-1.5mdv2009.1.i586.rpm
 ea0d9271dff872444a5104edb5a35782  2009.1/i586/openssl-0.9.8k-1.5mdv2009.1.i586.rpm 
 9606d6dd9ef55a4e36585031819ff68a  2009.1/SRPMS/openssl-0.9.8k-1.5mdv2009.1.src.rpm

2009.1 x86_64

 48b2c896f7f5a78da411c3f952641a7c  2009.1/x86_64/lib64openssl0.9.8-0.9.8k-1.5mdv2009.1.x86_64.rpm
 f2243e30cf19af90a5d318a9b58f7166  2009.1/x86_64/lib64openssl0.9.8-devel-0.9.8k-1.5mdv2009.1.x86_64.rpm
 eb21df80599178f9e0801f56ea53c596  2009.1/x86_64/lib64openssl0.9.8-static-devel-0.9.8k-1.5mdv2009.1.x86_64.rpm
 7623f6957ce025df671f26da48b43a8c  2009.1/x86_64/openssl-0.9.8k-1.5mdv2009.1.x86_64.rpm 
 9606d6dd9ef55a4e36585031819ff68a  2009.1/SRPMS/openssl-0.9.8k-1.5mdv2009.1.src.rpm

CS4.0 i586

 838799e95a4b8ddbad162e3d85826cb3  corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.12.20060mlcs4.i586.rpm
 fa537398af95ed3d4d2bf0458d6968e7  corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.12.20060mlcs4.i586.rpm
 44095aa5ee43e81861066b7be51f26e0  corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.12.20060mlcs4.i586.rpm
 311d0ffc5d5c066e78444899796d9a04  corporate/4.0/i586/openssl-0.9.7g-2.12.20060mlcs4.i586.rpm 
 ffcbb14a29c554d271b34a07ba8c6760  corporate/4.0/SRPMS/openssl-0.9.7g-2.12.20060mlcs4.src.rpm

2008.0 x86_64

 18a2f6b7bc42e89172e199e2c9d9cbd7  2008.0/x86_64/lib64openssl0.9.8-0.9.8e-8.6mdv2008.0.x86_64.rpm
 adbcfd94636bf43eca84d56b000f1bf9  2008.0/x86_64/lib64openssl0.9.8-devel-0.9.8e-8.6mdv2008.0.x86_64.rpm
 78a4ae2c93221b31e75ff44f01cc963e  2008.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8e-8.6mdv2008.0.x86_64.rpm
 cf642101a500d21a1b0d560c94f6c33b  2008.0/x86_64/openssl-0.9.8e-8.6mdv2008.0.x86_64.rpm 
 5781d06f2bc45312c89d5578b3d4426e  2008.0/SRPMS/openssl-0.9.8e-8.6mdv2008.0.src.rpm

CS4.0 x86_64

 36a4b10bb78a32c87eacb51bb898ce74  corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.12.20060mlcs4.x86_64.rpm
 97bc349e00703ec30ed4bc92ed1c8ad3  corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.12.20060mlcs4.x86_64.rpm
 c5ad86569b033f43117c190d4843cb62  corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.12.20060mlcs4.x86_64.rpm
 7323557da4375c9e28f0fc6ffe3c9681  corporate/4.0/x86_64/openssl-0.9.7g-2.12.20060mlcs4.x86_64.rpm 
 ffcbb14a29c554d271b34a07ba8c6760  corporate/4.0/SRPMS/openssl-0.9.7g-2.12.20060mlcs4.src.rpm

2008.0 i586

 6779a4a1db26d264e8245d5a2e03b8e2  2008.0/i586/libopenssl0.9.8-0.9.8e-8.6mdv2008.0.i586.rpm
 32d0879c08e77ec6ee2bf3401e342ab5  2008.0/i586/libopenssl0.9.8-devel-0.9.8e-8.6mdv2008.0.i586.rpm
 f96338b09159511eb17480a3a398cdf4  2008.0/i586/libopenssl0.9.8-static-devel-0.9.8e-8.6mdv2008.0.i586.rpm
 3b314cadba52af9c6ef20807fa6a7e40  2008.0/i586/openssl-0.9.8e-8.6mdv2008.0.i586.rpm 
 5781d06f2bc45312c89d5578b3d4426e  2008.0/SRPMS/openssl-0.9.8e-8.6mdv2008.0.src.rpm

MES5 x86_64

 eff1bf6b250becc30db24dd090677cdc  mes5/x86_64/lib64openssl0.9.8-0.9.8h-3.7mdvmes5.1.x86_64.rpm
 a516bcfc84c4d725f9123aba88f2f433  mes5/x86_64/lib64openssl0.9.8-devel-0.9.8h-3.7mdvmes5.1.x86_64.rpm
 82bc5fb4ce477538a44d934ad20d0a76  mes5/x86_64/lib64openssl0.9.8-static-devel-0.9.8h-3.7mdvmes5.1.x86_64.rpm
 1423afe3a03dc74af39c81a5ea8382ba  mes5/x86_64/openssl-0.9.8h-3.7mdvmes5.1.x86_64.rpm 
 3fa202efa10e5a1758296c38d550e3c9  mes5/SRPMS/openssl-0.9.8h-3.7mdv2009.0.src.rpm

References